Introduction to Adaptive Shield

Adaptive Shield is a company focusing on the security of software as a service (SaaS) applications. Founded in 2019, it started in Tel Aviv but also has offices in the USA. In 2021 the company raised $44 million in Series A funding led by Insight Partners, and currently has around 70 employees and over 120 customers. It competes with products like Obsidian and AppOmni.

The software provides visibility into the security posture of SaaS apps, identifying and remediating security risks, and giving the ability to enforce security policies. There is pre-built integration to over 140 apps out of the box at present, including Snowflake, Salesforce and Tableau. It creates a map of the SaaS applications within a company and assesses each from a security perspective, showing a dashboard that indicates various security aspects of the way in which each app is configured. Data can be optionally classified as particularly sensitive and then be monitored. Adaptive Shield does not itself carry out actual enforcement of security policies, relying on existing infrastructure to do this. Instead, it highlights issues and can raise tickets to remediate weaknesses that are highlighted, and it has links to a number of orchestration products to make this a smooth process.

The software goes beyond basic analysis of the SaaS apps, checking which devices users use to access the apps and highlighting security vulnerabilities. For example, it might turn out that a systems admin with a lot of security privileges actually accesses the apps via an old MacBook with an outdated operating system that has security vulnerabilities. Adaptive Shield finds this kind of weakness and will suggest steps to improve the situation. Data auditing tracks all changes made to data by logging all data access and changes. Data auditing can help to identify potential data security incidents, alerting the corporate security team of anything suspicious, and ensure that data is not altered without authorisation.

The software also provides ongoing monitoring, tracking users and building up a profile of their normal behaviour. In this way the software can detect unusual patterns of usage, for example, someone logging in from an unusual IP address, or a system admin id suddenly making a large number of security changes when that is not usually the case. Of course, some unusual behaviours may turn out to be false positives, but the software can at least highlight such unusual behaviour. These days, artificial intelligence can be used by bad actors to create more sophisticated phishing emails amongst other things, so careful monitoring of activity is more important than ever.

Adaptive Shield offers a consistent and easy-to-use interface that gives a map of security across SaaS applications, highlighting inherent vulnerabilities and detecting anomalous or unusual activity. As organisations increasingly migrate their applications from on-premise to the cloud, they would be well advised to consider using products such as Adaptive Shield to ensure that their migration is carried out in a secure manner, and stays that way once complete.